Manage exposed secrets with the Postman Enterprise Essentials plan
Sensitive data and credentials pose significant challenges to an organization’s security. Without proper safeguards in place, organizations are at risk of compromising their sensitive data and infrastructure. Organizations can better protect their sensitive data from unauthorized access or misuse by implementing secure secret management practices. That’s why we have enabled the Secret Scanner dashboard for teams on the Enterprise Essentials plan. This feature enables Postman teams to proactively manage risks associated with secret exposure.
Admins on the Enterprise Essentials plan now have the ability to manage secrets that have accidentally been exposed in Postman public elements. Super admins can access and resolve all detected secrets, while workspace admins can view and resolve secrets within their administered workspaces.
To view secrets that have been detected by the Secret Scanner, click on Team Settings in the Postman header, select your team from the dropdown menu, and navigate to the Secret Scanner subsection:
From here, you can filter detected secrets based on workspace type, workspace name, and secret type. You can also click on any secret to view more information, such as its location and steps to protect it. To resolve a secret, select a reason from the drop-down menu. You can view all resolved secrets in the Resolved tab on the Secrets Detected page.
Learn more about the Secret Scanner in our Learning Center. Additionally, you can visit the Postman Trust Center to gain knowledge about organizational security and how to protect your accounts and data in Postman.